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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the amendment filed on May 6. 2005. Claims 1 -36 
were originally received for consideration. Per the received amendment, claims 
1,7,13,19,25, and 31 have been amended. No claims have been cancelled or added. 
Claims 1-36 are currently being considered. 

Response to Arguments 

2. Applicant's arguments filed May 6, 2005 have been fully considered but they are 
not persuasive for the following reasons: 

Regarding claim 1, the applicant argues that the CPA, Ronnen (U.S. Patent No. 
5,699,403), does not teach that the network vulnerability/risk analysis programs that are 
used for analyzing the network are "separate and non-integrated." The examiner 
interprets separate and non-integrated programs, as programs that independently 
analyze the risk of the network. The CPA discloses "risk computation modules" which 
include "various submodules that retrieve the appropriate probability data." (column 7 
lines 19-22). These modules examine different vulnerabilities in the network, and 
provide a different and independent risk level which are computed independently by 
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each module. Using this interpretation of "separate and non-integrated," it is believed 

that the CPA does teach that the network vulnerability/risk analysis programs that are 

used for analyzing the network are "separate and non-integrated." 

Therefore, the rejection for claims 1-36 is maintained as given below for the amended 

claims. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or In public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1,2,4,6,7,8,10,12,13,14,16,18,19,20,22,24,25,29,31 and 35 are rejected 
under 35 U.S.C. 102(b) as being anticipated by Ronnen (U.S. Patent 5,699,403). 

Regarding claim 1 , Ronnen discloses: 

A method for assessing the security posture of a network comprising the steps 

of: 

creating a system object model database representing a network, wherein the 
system object model database supports the information data requirements of separate, 
non-integrated network vulnerability analysis programs (column 3 line 30 - column 4 
line 25); 



Application/Control Number: 09/500, 1 08 Page 4 

Art Unit: 2131 

exporting the system object model database of the network to the separate, non- 
integrated network vulnerability/risk analysis programs (column 3 line 30 - column 4 line 
25, column 7 lines 8 - 40); 

analyzing the network with each network vulnerability analysis program to 
produce data results from each program (column 4 lines 1 - 61 , column 6 lines 21 - 
56); and 

correlating the data results of the network vulnerability analysis programs to 
determine the security posture of the network (column 6 lines 57 - 65). 

Claim 2 is rejected as applied above in rejecting claim 1. Furthermore, Ronnen 
discloses: 

A method according to claim 1, and further comprising the step of importing the 
system object model database to the network vulnerability analysis programs via an 
integrated application programming interface (column 3 line 30 - column 4 line 25, 
column 7 lines 8 - 40). 

Claim 4 is rejected as applied above in rejecting claim 1 . Furthermore, Ronnen 
discloses: 

A method according to claim 1, and further comprising the step of establishing a 
class hierarchy to define components of the network vulnerability analysis programs that 
share common and programming traits (column 6 lines 57 - 65). 
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Claim 6 is rejected as applied above in rejecting claim 1. Furthermore, Ronnen 
discloses: 

A method according to claim 1, and further comprising the step of running the 
network vulnerability assessment/risk analysis programs to obtain data results 
pertaining to network system details, network topologies, node level vulnerabilities and 
network level vulnerabilities (column 4 lines 1 - 61 , column 6 lines 21 - 56). 

5. Claims 7,8,10, and 12 are method claims analogous to the method claims 
rejected above, and are therefore rejected using the same rationale given above. 

6. Claims 1 3, 1 4, 1 6, 1 8, 1 9,20,22, and 24 are computer-readable medium claims 
analogous to the method claims rejected above, and are therefore rejected using the 
same rationale given above. 

7. Claims 25,29,31 , and 35 are system claims analogous to the method claims 
rejected above, and are therefore rejected using the same rationale given above. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 3,9,15.21,26,27,28, 32, 33, and 34 are rejected under 35 U.S.C. 103(a) 

as being unpatentable over Ronnen (U.S. Patent 5,699,403) in view of Mayo et al. (U.S. 

5,751,965). 

Claim 3 is rejected as applied above in rejecting claim 1 . Furthermore, Ronnen 
discloses a method of assessing the security posture of a network comprising the steps 
of creating a system object model database, exporting this database to vulnerability 
analysis programs, and correlating the data results from these network vulnerability 
analysis programs to determine the security posture of a network. However, Ronnen 
does not explicitly describe modeling the network as a map on a graphical user 
interface. Mayo teaches the method of modeling the network as a map on a graphical 
user interface (column 2 lines 58-63, column 5 lines 49-53, column 6 lines 4-21). 
Ronnen delineates a method of gathering, storing, and correlating network vulnerability 
information, and displaying this information to users via a graphical user interface 
(column 6 lines 48 - 65). However, Ronnen does not divulge the method of displaying 
these results as a map. Mayo states the importance of the presentation of network 
information on a graphical user interface (column 1 lines 64-67, column 2 lines 1-9), and 
delineates a method of constructing a network map showing displaying different network 
attributes. Displaying network link, and nodes in a map format is well-known in the art, 
and a network map is commonly used to display network alarms, and failures, because 
it displays the relationship between nodes in a clear manner. Therefore, it would have 
been obvious to one of ordinary skill in the art at the time the applicant's invention was 
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made to display the network vulnerability assessment information gathered by the 
system of Ronnen using the network display method of Mayo to be able to display the 
network vulnerability information in a clear and organized manner so that one could 
better use the network vulnerability information to safeguard the network elements. 

4. Claims 5,1 1 ,17,23,30 and 36 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Ronnen (U.S. Patent 5,699,403) in view of Smith et at. (U.S. 
5,787,235). 

Regarding claim 5, Ronnen discloses a method for assessing the security posture of a 
network comprising the step of correlating the data results from a vulnerability 
assessment programs. However, Ronnen does not explicitly describe how this data is 
correlated. Smith delineates a fuzzy-logic based evidence fusion tool that can be 
applied to network configuration analysis, modeling and assessment (column 6 lines 26- 
30). Smith states the tool disclosed applies fuzzy logic to telecommunication network 
configuration analysis, modeling and assessment. This assessment disclosed can be 
viewed as a network vulnerability assessment correlation. Therefore it would have been 
obvious to one of ordinary skill in the art at the time the applicant's invention was made 
to use Smith's method of applying fuzzy logic to network data to correlate the 
vulnerability assessment information provided by Ronnen's system. The use of fuzzy 
logic processing allows correlation of the results from the programs into a cohesive 
vulnerability assessment to obtain an overall network vulnerability posture. 
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5. Claim 9 is a method claim analogous to the method claims rejected above, and 
are therefore rejected using the same rationale given above, 

6. Claims 15, and 21 are computer-readable medium claims analogous to the 
method claims rejected above, and are therefore rejected using the same rationale 
given above. 

7. Claims 26,27,28,32,33, and 34 are system claims analogous to the method 
claims rejected above, and are therefore rejected using the same rationale given above. 

Conclusion 

THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 



Application/Control Number: 09/500,108 



Page 9 



Art Unit: 2131 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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